Information Security

FTC Announces Enhancements to IdentityTheft.gov

Original release date: January 29, 2016 The Federal Trade Commission (FTC) has upgraded its IdentityTheft.gov site to provide improved help to victims of identity theft. Enhancements include more personalized response plans for consumers, automatic generation of documents to aid in recovery, and better integration of the site with the FTC’s consumer complaint system. Resources are Read more about FTC Announces Enhancements to IdentityTheft.gov[…]

OpenSSL Releases Security Advisory

Original release date: January 28, 2016 OpenSSL versions 1.0.2f and 1.0.1r have been released to address vulnerabilities in prior versions. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update. For more information, please see Vulnerability Read more about OpenSSL Releases Security Advisory[…]

Cisco

Cisco Releases Security Update

Original release date: January 27, 2016 Cisco has released a security update to address a vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices. Exploitation of this vulnerability could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review the Cisco Security Read more about Cisco Releases Security Update[…]

IRS Releases Tenth Security Tip

Original release date: January 25, 2016 The Internal Revenue Service (IRS) has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all computer Read more about IRS Releases Tenth Security Tip[…]

Apple Releases Security Update for tvOS

Original release date: January 25, 2016 Apple has released a security update for tvOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security update for tvOS 9.1.1 Apple TV (4th generation) and Read more about Apple Releases Security Update for tvOS[…]

ISC Releases Security Updates for BIND

Original release date: January 19, 2016 The Internet Systems Consortium (ISC) has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P3 BIND 9 version 9.10.3-P3 BIND 9 version 9.9.8-S4 Users and administrators are encouraged to Read more about ISC Releases Security Updates for BIND[…]

Information Security

Linux Kernel Vulnerability

Original release date: January 19, 2016 US-CERT is aware of a Linux kernel vulnerability affecting Linux PCs and servers and Android-based devices. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT recommends that users and administrators review the Redhat Security Blog and the Debian Security Bug Tracker for Read more about Linux Kernel Vulnerability[…]

Apple Releases Security Updates for iOS, OS X El Capitan, and Safari

Original release date: January 19, 2016 Apple has released security updates for iOS, OS X El Capitan, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 9.2.1 for iPhone 4s and later, iPod touch (5th generation) Read more about Apple Releases Security Updates for iOS, OS X El Capitan, and Safari[…]

Oracle Releases Security Bulletin

Original release date: January 19, 2016 Oracle has released its Critical Patch Update for January 2016 to address 248 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Oracle January 2016 Critical Patch Update Read more about Oracle Releases Security Bulletin[…]